Class: Yes::Core::DataEncryptor

Inherits:
Object
  • Object
show all
Defined in:
lib/yes/core/data_encryptor.rb

Overview

Encrypts event data attributes using a key from the key repository.

Examples:

encryptor = DataEncryptor.new(data: event.data, schema: event.class.encryption_schema, repository: repo)
encryptor.call
encryptor.encrypted_data
encryptor.encryption_metadata

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#encrypted_dataHash (readonly)

Returns the encrypted data.

Returns:

  • (Hash)

    the encrypted data



14
15
16
 
# File 'lib/yes/core/data_encryptor.rb', line 14

def encrypted_data
  @encrypted_data
end

#encryption_metadataHash (readonly)

Returns the encryption metadata (key, iv, attributes).

Returns:

  • (Hash)

    the encryption metadata (key, iv, attributes)



17
18
19
 
# File 'lib/yes/core/data_encryptor.rb', line 17

def encryption_metadata
  @encryption_metadata
end

Instance Method Details

#callHash

Encrypts the data attributes specified in the schema.

Returns:

  • (Hash)

    the encrypted data



22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
# File 'lib/yes/core/data_encryptor.rb', line 22

def call
  return encrypted_data if encryption_metadata.empty?

  key_id = encryption_metadata[:key]
  res = key_repository.find(key_id)
  res = key_repository.create(key_id) if res.failure?
  key = res.value!

  encryption_metadata[:iv] = key.attributes[:iv]
  encrypt_attributes(
    key:,
    data: encrypted_data,
    attributes: encryption_metadata[:attributes].map(&:to_s)
  )
end